HxD-Editor is really great! I am trying to make a little program in C++, where i am searching for some strings/numbers in the RAM of a running program.
I googled much around and was trying many different things. But it is still very slow compared to HxD. I guess it's because i copy the RAM instead of searching directly in it.
Can i do more significantly changes or do i need other functions? In which language is HxD programmed?
Here is my code:
Code: Select all
#include <windows.h>
#include <iostream>
#include <limits> // new line
using namespace std;
int Memory(HWND MyWindow, int long Address, int Value, bool _w)
{
DWORD PROC_ID;
HANDLE PROC_HANDLE;
GetWindowThreadProcessId(MyWindow, &PROC_ID);
PROC_HANDLE = OpenProcess(PROCESS_ALL_ACCESS, false, PROC_ID);
if(_w)
WriteProcessMemory(PROC_HANDLE, (LPVOID)Address, &Value, sizeof(long int), NULL);
else
ReadProcessMemory(PROC_HANDLE, (LPVOID)Address, &Value, sizeof(long int), NULL);
CloseHandle(PROC_HANDLE);
return Value;
}
int main()
{
SetConsoleTitle("Memory Search");
register unsigned long long int x; // registering the most used variables
/*** maximizing the case ***/
LPVOID MyLPVOID;
char Caption[1000] = "n1.txt - Editor";
// cout << "Enter the caption of the window: ";
// cin.getline(Caption, 1000);
HWND Test = FindWindow(NULL, Caption);
if (!Test){
cout << "\nCannot find window \"" << Caption << "\"!"<<endl;
system("pause");
return 1;
}
LPVOID Address = (void*)0x00010000;
// cout << "\nEnter the address to start at: ";
// cin >> Address;
register unsigned long long int Limit = ((numeric_limits<unsigned long long int>::max())/2)-((long int)Address+1);
/*** IMPORTANT ***/
int WhatToFind;
cout << "\nWhat number are you trying to find: ";
cin >> WhatToFind;
for (x=0;x<Limit; x++){ // and now this
int AtAddress = Memory(Test, ((long int)Address + x), 0, false);
if (AtAddress == WhatToFind){
cout << "\n\nFound it at address: " << (LPVOID)((long int)Address + x);
break; // when found !
}
}
cout << endl;
system("pause");
return 0;
}
Johannes